Forum Discussion
Azure AD service Principal Audit
I have a requirement for a service principal audit to detect if there is an inactive owner or an expired key/service principal within Azure for the service principal.
The remediation of that resource will execute as follows:
i. Service Principal Status
   1. Detect if the service principal is inactive
   2. Detect an inactive owner (utilizing the API)
   3. (Future remediation) If there are multiple owners on a service principal, remove the inactive owner
ii. Key credentials
   1. Detect if the service principal key is expired
   2. (Future remediation) Delete the expired key
b. Generates a report of active/inactive service principals within the tenant that is output to a Teams channel or as an email report.
>> I am trying the commands below to get a list of all service principals along with their expiration dates, but I also need owner details
# Note: Get-AzureADApplication returns app registrations (application objects), not service principals;
# client secrets are stored on the application object, so EndDate here is the secret expiry.
# Fetch everything once instead of re-querying each object by ObjectId.
$apps = Get-AzureADApplication -All $true
foreach ($app in $apps)
{
    $app.DisplayName
    $app.PasswordCredentials | Format-List EndDate
    Write-Host ""
}
Can anyone help me with the above requirement?
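The following is an added example (it is not the poster's script, nor anything published by Microsoft) that covers the checks listed in the post with the same AzureAD module the posted script uses: it walks every service principal, flags a disabled SP, flags owners whose user account is disabled, and reports expired secrets and certificates on both the SP and the app registration behind it. It goes slightly beyond the post by also flagging credentials that expire within a configurable window. It assumes an existing Connect-AzureAD session with directory read permissions; $TeamsWebhookUrl is a hypothetical incoming-webhook URL that you must supply, and "inactive owner" is taken to mean a disabled account, since last-sign-in data is not exposed by this module.

```powershell
# Added example, not the poster's script or any Microsoft-published code.
# Audits every service principal in the tenant: disabled SPs, owners whose user
# account is disabled, expired or soon-to-expire secrets/certificates; prints a
# table and optionally posts a summary to a Teams incoming webhook.
# Assumptions: an existing Connect-AzureAD session with directory read rights;
# $TeamsWebhookUrl is a placeholder you must replace with a real webhook URL.
param(
    [int]$ExpiringWithinDays = 30,  # also flag credentials expiring within this window
    [string]$TeamsWebhookUrl = ''   # hypothetical webhook URL; empty = console output only
)

Import-Module AzureAD -ErrorAction Stop
$now = Get-Date

# An owner counts as inactive here when the user account is disabled.
# Sign-in-based inactivity needs the Graph signInActivity property, which the
# AzureAD module does not expose, so it is out of scope for this check.
function Get-InactiveOwners {
    param([string]$ServicePrincipalObjectId)
    $owners = Get-AzureADServicePrincipalOwner -ObjectId $ServicePrincipalObjectId -All $true
    foreach ($owner in $owners) {
        if ($owner.ObjectType -ne 'User') { continue }   # group/SP owners are not checked
        $user = Get-AzureADUser -ObjectId $owner.ObjectId
        if (-not $user.AccountEnabled) { $user.UserPrincipalName }
    }
}

# Secrets and certificates normally live on the app registration behind the
# SP rather than on the SP object itself, so both objects are inspected.
function Get-CredentialStatus {
    param($ServicePrincipal)
    $sources = @($ServicePrincipal)
    $app = Get-AzureADApplication -Filter "appId eq '$($ServicePrincipal.AppId)'"
    if ($app) { $sources += $app }   # empty for first-party/multi-tenant SPs owned elsewhere
    foreach ($src in $sources) {
        $creds  = @($src.PasswordCredentials | ForEach-Object { @{ Type = 'Secret';      EndDate = $_.EndDate } })
        $creds += @($src.KeyCredentials      | ForEach-Object { @{ Type = 'Certificate'; EndDate = $_.EndDate } })
        foreach ($c in $creds) {
            if (-not $c.EndDate) { continue }   # no expiry recorded: nothing to judge
            $daysLeft = [math]::Floor(($c.EndDate - $now).TotalDays)
            $status = if ($daysLeft -lt 0) { 'Expired' } elseif ($daysLeft -le $ExpiringWithinDays) { 'ExpiringSoon' } else { 'Valid' }
            [pscustomobject]@{ Type = $c.Type; EndDate = $c.EndDate; DaysLeft = $daysLeft; Status = $status }
        }
    }
}

# One row per service principal in the tenant
$report = foreach ($sp in Get-AzureADServicePrincipal -All $true) {
    $creds     = @(Get-CredentialStatus -ServicePrincipal $sp)
    $badOwners = @(Get-InactiveOwners -ServicePrincipalObjectId $sp.ObjectId)
    [pscustomobject]@{
        DisplayName    = $sp.DisplayName
        AppId          = $sp.AppId
        SpEnabled      = ([string]$sp.AccountEnabled -eq 'True')   # AccountEnabled is a string on SP objects
        InactiveOwners = ($badOwners -join ';')
        ExpiredKeys    = @($creds | Where-Object Status -eq 'Expired').Count
        ExpiringKeys   = @($creds | Where-Object Status -eq 'ExpiringSoon').Count
        NextExpiry     = ($creds | Sort-Object EndDate | Select-Object -First 1).EndDate
    }
}

# Keep only rows with something to act on
$findings = @($report | Where-Object {
    -not $_.SpEnabled -or $_.InactiveOwners -or $_.ExpiredKeys -gt 0 -or $_.ExpiringKeys -gt 0
})
$findings | Format-Table -AutoSize

# Teams incoming webhooks accept a plain JSON 'text' payload
if ($TeamsWebhookUrl -and $findings.Count -gt 0) {
    $lines = $findings | ForEach-Object {
        "$($_.DisplayName): enabled=$($_.SpEnabled) expired=$($_.ExpiredKeys) expiringSoon=$($_.ExpiringKeys) inactiveOwners=$($_.InactiveOwners)"
    }
    $body = @{ text = "Service principal audit: $($findings.Count) finding(s)<br>" + ($lines -join '<br>') } | ConvertTo-Json
    Invoke-RestMethod -Uri $TeamsWebhookUrl -Method Post -ContentType 'application/json' -Body $body
}
```

Run it as a script after Connect-AzureAD; pipe $report to Export-Csv if the full active/inactive list is wanted rather than just the findings. The remediation steps in the post (removing an inactive owner, deleting an expired key) are deliberately left out: run the detection for a few cycles and review the findings before automating any deletes, since a secret flagged as expired may still be the only one a workload has been configured with.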
- JanBakkerOrphaned (Steel Contributor)
Sahitya95 I would use Logic Apps for this. I've sent you a DM with additional questions. I think a lot of organizations have the same need, so let's see if I can build such a flow and make a step-by-step tutorial on this.
- Sahitya95 (Microsoft)
JanBakkerOrphaned Replied to you with my requirement, along with the script that I am using.
- gdusautoir (Copper Contributor)
Did you succeed in accomplishing what you were looking for?